Data Management & Test Scenarios Exercise

Size: px
Start display at page:

Download "Data Management & Test Scenarios Exercise"

Transcription

1 Data Management & Test Scenarios Exercise MDD CDD Validation Dev. RFP Release A B C FRP IOC FOC Materiel Solution Analysis Tech Maturation & Risk Reduction Engineering and Manufacturing Development Production & Deployment Operations & Support YOU ARE HERE 1

2 Learning Objectives Recognize DoD policy on T&E data management, including data security, and archiving and releasing test data. Describe the data authentication process of verifying and validating the test data set, protecting the integrity of test data, and ensuring validity of collected data to meet test objectives. Recognize the need for measurable, high-quality, timely, and cost-effective data; to enable unbiased T&E results. Describe the processes for data failure definition and scoring; including reliability, availability and maintainability scoring conferences. Develop information for a data management plan in support of test and evaluation. Given key requirements of a notional weapon system, develop a test scenario (highlevel test plan); including identification of test conditions, and controlled and uncontrolled variables. Given key requirements of a notional weapon system, develop a test scenario (highlevel test plan) that supports the overall program plan, including opportunities for combined DT/OT. 2

3 This lesson will cover the following topics: 1. Data Management 2. Student Exercise Lesson Topics 3

4 Data Management Lesson Topics: 1) Data Management 2) Student Exercise 4

5 T&E Data / Data Management Policy Data must be collected that will contribute towards assessing: key performance parameters, critical technical parameters, key system attributes, interoperability requirements, cybersecurity requirements, reliability growth, maintainability attributes, developmental test objectives, and others as needed. Paraphrased from DODI , Encl 4 par 5a(11) Note: the service T&E regulations give additional information concerning data management. Additional information can be found in the Service folders, on the student CD-ROM.

6 Data Requirements Base data requirements on: MOEs / MOSs / MOPs Test variables to be measured Sample sizes Evaluation Plan contents Identify agency responsible to collect the data Determine data source, type & format before starting test Exercise sound judgment in determining type & amount of data to be collected Data should be high quality, measurable, timely, and cost effective; and should enable unbiased T&E results 6

7 Data Analysis, Collection, and Management Plans Purpose of the plans Provide detailed procedures for the collection, reduction, quality assurance, collation, analysis, storage and disposition of data gathered to support evaluations. Objectives of the plans Eliminate duplication of efforts Provide guidance to collection/analysis effort Provide adequate and timely analytical info Manage resources: Instrumentation Data transmission, reduction & storage Data analysis teams (Analysis, Evaluation, Reporting) 7

8 Elements Of A Test Database The following are essential elements, for designing a test database: Accessible to all stakeholders Used for all T&E data for the organization and/or the system under test Ease of use, and ease of data mining Fields for all necessary data Appropriate choice of software Traceability to the originator / generator of the data Current status of the data (for approval, for info., etc.), version / control number, and date Security of the database Permissions (read / write vs. read only) and other controls 8

9 Archiving Data Data from all T&E phases must be stored and archived to support both current and future uses (such as future T&E efforts) When practical, use electronic media to store data Set up databases for ease of use and ease of data mining Provide for periodic reviews of the database Follow your organization s guidance concerning data retention, disposition, and disposal The Program Manager and test agencies for all programs will provide the Defense Technical Information Center (DTIC) with all reports and the supporting data and metadata for the test events in those reports. DoDI Encl 5, par 10c(5) 9

10 Archiving Data Example From ATEC Reg (March 2006) Data Category Raw data data in its original form (Level 1) Audio/video tape and film (Level 1) Written Level 2 data Processed & smoothed automated instrumentation data (Level 2) Test database of record (Level 3) Plans and reports (Levels 4-7) Supplemental analyses (Levels 4-7) Retention Retained for 1 year after end of event Retained for 1 year after end of event Retained for 1 year after end of event Archived for 1 year after end of event Archived permanently Archived permanently Archived for 3 years (nonoversight), 10 years (oversight) 10

11 DoD Policy For Accessing Test Data The acquisition chain of command, including the Program Manager, and the DASD(T&E) and their designated representatives will have full and prompt access to all ongoing developmental testing, and all developmental test records and reports... Data may be preliminary and will be identified as such. DoDI Encl 4 par 6c(1) DOT&E, the Program Manager and their designated representatives who have been properly authorized access, will all have full and prompt access to all records, all reports, and all data... Data may be preliminary and will be identified as such. DoDI Encl 5 par 10c(1)

12 Releasing Test Data Within DoD: Test organization commanders determine processes & release authority for reports & information under their control Classified information must be handled per DODD , and associated documents Outside the DoD: Freedom of Information Act requests (from individuals or private industry) should be processed according to DoD Regulation , and service policy Report news media or civic organization requests to the Public Affairs Officer of the appropriate agency Follow service guidance concerning information released to Congress, the GAO, the DoD Inspector General, and similar agencies Follow service guidance concerning release of info to foreign governments, foreign liaison officers, or foreign nationals 12

13 Data Authentication & Scoring Prior to testing, the procedure & rules for data / test authentication must be developed Data Authentication Group (DAG) determines the validity of test events & test data Prior to testing, it must also be determined what constitutes a failure (DT&E) or a mission failure (OT&E) This information typically comes from the requirements documents and/or failure definition & scoring process Scoring conference(s) Assigns the reason(s) for test failures 13

14 Data Authentication Process The services/organizations have processes for data authentication. A typical process includes: Data Authentication Group (DAG) charter and standard operating procedures are developed prior to the start of testing After the test data has been collected, the DAG determines whether the data is valid and/or acceptable Whether the test was a valid test Whether the data represents what really happened (instrumentation error, for example) Once the DAG process has been completed, the DAG releases an authenticated event database 14

15 Failure Definition & Scoring The services / organizations have processes for failure definition & scoring. A typical process includes: Failure Definition and Scoring Criteria (FD/SC) are developed prior to the start of testing The FD/SC typically lists detailed descriptions of what constitutes a failure, for each essential function. Classification (for example, in which essential function or nonessential function did the failure occur?) Chargeability of test incidents cause(s) of the failures. (For example, accident, crew, HW CFE, HW GFE, SW CFE, SW GFE, maintenance, support equipment, tech docs/manuals, training, secondary failure, or unknown) Scoring conferences occur after test data has been authenticated FD/SC are used to determine classification & chargeability of test incidents that occur during R&M testing which failures count against R&M, and which don t?

16 Test Scenarios & Data Management Exercise Lesson Topics: 1) Data Management 2) Student Exercise 16

17 Test Scenarios and Data Management Exercise Given: Key operational, technical, and programmatic requirements Objective: Develop a developmental or operational test scenario, along with Data Collection and Data Management Plans Overview: Task 1. Identify mission objective What s the focus? (The instructor will assign you a CTP or COI) Task 2. Identify test variables (controlled / uncontrolled). Task 3. Develop an operational or developmental test scenario. (Develop test conditions to satisfy variables, and develop a DT or OT scenario) Task 4. Determine information for at least two of your data elements. (This information is needed for the Data Collection, Data Analysis, & Data Management Plans). Task 5. Identify opportunities to combine DT/OT. Are there any opportunities for combined DT/OT in your test scenario? 17

18 Operational Mission Scenarios Impact on Test Planning Operational mission scenarios allow the following to be identified (which facilitates test planning): Needed test resources (platforms, users, support personnel, instrumentation, range time, etc.) Cost and schedule Necessary terrain & weather conditions Environmental or safety restrictions 18

19 Dependent Variables Independent Variables Observations Controlled Uncontrolled Primary Factors Background Factors Background Factors Held Constant Natural Group Random Measured Not Measured

20 Difference Between Test Mission Plans & Detailed Test Plans Test Mission Plans High Level Issue focus COI CTP Detailed Test Plans Detail Level Data focus Detailed info on data collection, data analysis, data mgmt., etc. 20

21 Data Collection, Analysis, & Data Management Planning Some Data Collection, Data Analysis & Data Mgmt. info. is typically developed along with the Test Scenario: Important data (specific data elements) to be collected Purpose of the data (it will be analyzed to determine what?) Data accuracy and estimated sample sizes needed, for the data elements For the purposes of this exercise, you may state high, medium, or low data accuracy & sample sizes Data collection methods / instrumentation needed, for the data elements Note: more detailed Data Collection/Analysis/Mgmt. planning is typically done later, along with the detailed test plans

22 Exercise Tasks and Timeline Task 1: Identify controlled / uncontrolled variables for your assigned CTP or COI. Task 2: Develop test conditions for one test scenario / mission plan Task 3: Outline your test scenario / mission plan (Note: you DON T need to assess the entire CTP or COI) Task 4: Determine the following information for at least two data elements that you plan to collect: Purpose of the data, data accuracy & sample sizes needed, and data collection method/instrumentation needed. Task 5: Identify opportunities for Combined DT/OT in your scenario / mission plan (40 minutes to complete all five tasks) 22

23 COIs and CTPs COIs Can the SPAW be rapidly inserted into the combat environment? Can the SPAW deliver sufficient and accurate fire on the battlefield? Is the SPAW survivable on the battlefield? CTPs Must protect the crew (90% probability of crew survival) against AT mine blast beside or under the platform. MTBF of 128 hours. 23

24 Thursday Night Homework Read the course material, for the DT&E Test Execution Exercise Read the slides (starting with the DT&E Test Execution Exercise slide) Read the four checklists & supplemental information for the exercise As you read the material, think about how you might write a DRAFT test plan, using the template provided in your book Your team will write a DRAFT test plan, as part of this exercise 24

T&E Workforce Development

T&E Workforce Development T&E Workforce Development 2016 ITEA Cyber Security Workshop Mr. Thomas W. Simms Deputy Director, T&E Competency & Development Deputy Assistant Secretary of Defense (DT&E) March 17, 2016 Agenda Policy Overview

More information

Shift Left: Putting the Process Into Action

Shift Left: Putting the Process Into Action U.S. ARMY EVALUATION CENTER Shift Left: Putting the Process Into Action March 30, 2017 Agenda The Evaluator s Motivation Where We Were Guidance and Policy Putting it into Action 2 The Evaluator s Motivation

More information

Air Force Test Center

Air Force Test Center Air Force Test Center Avionics Cyber Range (ACR) Mark Erickson 46 TS/OGE 26 January 2017 DISTRIBUTION STATEMENT A: Approved for public release: distribution is unlimited. 96TW-2017-0005 1 What is the Avionics

More information

Test and Evaluation Methodology and Principles for Cybersecurity

Test and Evaluation Methodology and Principles for Cybersecurity Test and Evaluation Methodology and Principles for Cybersecurity Andrew Pahutski Deputy Director; Cyber & Information Systems Office of the Secretary of Defense (OSD) Developmental Test and Evaluation

More information

The Perfect Storm Cyber RDT&E

The Perfect Storm Cyber RDT&E The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare

More information

6/18/ ACC / TSA Security Capabilities Workshop THANK YOU TO OUR SPONSORS. Third Party Testing Program Overview.

6/18/ ACC / TSA Security Capabilities Workshop THANK YOU TO OUR SPONSORS. Third Party Testing Program Overview. 2015 ACC / TSA Security Capabilities Workshop June 16-18, 2015 #SecurityCapabilities THANK YOU TO OUR SPONSORS 2015 ACC/TSA Security Capabilities Workshop June 24-26 Arlington, VA #SecurityCapabilities

More information

Practitioner Certificate in Business Continuity Management (PCBCM) Course Description. 10 th December, 2015 Version 2.0

Practitioner Certificate in Business Continuity Management (PCBCM) Course Description. 10 th December, 2015 Version 2.0 Practitioner Certificate in Business Continuity Management (PCBCM) Course Description 10 th December, 2015 Version 2.0 Course The Practitioner Certificate in Business Continuity Management (PCBCM) course

More information

Test & Evaluation of the NR-KPP

Test & Evaluation of the NR-KPP Defense Information Systems Agency Test & Evaluation of the NR-KPP Danielle Mackenzie Koester Chief, Engineering and Policy Branch March 15, 2011 2 "The information provided in this briefing is for general

More information

THE UNDER SECRETARY OF DEFENSE 3010 DEFENSE PENTAGON WASHINGTON, DC ACQUISITION, TECHNOLOGY AND LOGISTICS January 11, 2017

THE UNDER SECRETARY OF DEFENSE 3010 DEFENSE PENTAGON WASHINGTON, DC ACQUISITION, TECHNOLOGY AND LOGISTICS January 11, 2017 THE UNDER SECRETARY OF DEFENSE 3010 DEFENSE PENTAGON WASHINGTON, DC 20301-3010 ACQUISITION, TECHNOLOGY AND LOGISTICS January 11, 2017 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF

More information

Biometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange. LTC Eric Pavlick PM, Biometric Enabling Capabilities

Biometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange. LTC Eric Pavlick PM, Biometric Enabling Capabilities Biometric Enabling Capabilities Increment 1 (BEC Inc 1) Information Exchange LTC Eric Pavlick PM, Biometric Enabling Capabilities 30 JULY 2013 BEC Inc 1 Agenda Program Overview LTC Eric Pavlick, Product

More information

Cybersecurity Test and Evaluation Achievable and Defensible Architectures

Cybersecurity Test and Evaluation Achievable and Defensible Architectures Cybersecurity Test and Evaluation Achievable and Defensible Architectures October 2015, ITEA Francis Scott Key Chapter Mr. Robert L. Laughman for COL Scott D. Brooks, Director, Survivability Evaluation

More information

DoD Strategy for Cyber Resilient Weapon Systems

DoD Strategy for Cyber Resilient Weapon Systems DoD Strategy for Cyber Resilient Weapon Systems Melinda K. Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering NDIA Systems Engineering Conference October 2016 10/24/2016 Page-1

More information

Cybersecurity Planning Lunch and Learn

Cybersecurity Planning Lunch and Learn Cybersecurity Planning Lunch and Learn Mr. Tyrone Ty Theriot, CNE Tyrone.Theriot@dau.mil 703-805-4983 3 May 2017 Presenter: Ty Theriot Moderator: LtCol Stephani Hunsinger LtCol Stephani Hunsinger USAF,

More information

Dr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation

Dr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation Nov 2012 Page-1 Dr. Steven J. Hutchison Principal Deputy Developmental Test and Evaluation November 2012 Nov 2012 Page-2 DT&E for Complex Systems Performance Reliability Interoperability Information Security

More information

April 25, 2018 Version 2.0

April 25, 2018 Version 2.0 April 25, 2018 Version 2.0 Table of Contents Introduction... 1 1.1 Organization of This Guidebook... 1 1.2 Audience... 2 1.3 Applicability... 2 1.4 Terminology... 2 Cybersecurity Policies and Guidance

More information

The Operational Test & Evaluation Cybersecurity Terrain

The Operational Test & Evaluation Cybersecurity Terrain The Operational Test & Evaluation Cybersecurity Terrain William Budman Redmond AFOTEC/ED Approved for public release; distribution is unlimited. AFOTEC Public Affairs Public Release Number 2018-03 1 BLUF:

More information

AMRDEC CYBER Capabilities

AMRDEC CYBER Capabilities Presented to: HAMA AMRDEC CYBER Capabilities Distribution Statement A: Approved for public release: distribution unlimited 08 July 16 Presented by: Julie Locker AMRDEC Cyber Lead U.S. Army Aviation and

More information

Cybersecurity vs. Cyber Survivability: A Paradigm Shift

Cybersecurity vs. Cyber Survivability: A Paradigm Shift U.S. ARMY EVALUATION CENTER Cybersecurity vs. Cyber Survivability: A Paradigm Shift March 8, 2018 BLUF The T&E community should stop using the term cybersecurity when what we mean is cyber survivability

More information

FISMAand the Risk Management Framework

FISMAand the Risk Management Framework FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON

More information

Information Security Program Audit Introduction and Survival Guide

Information Security Program Audit Introduction and Survival Guide Information Security Program Audit Introduction and Survival Guide Cyber Security Symposium 2016, Sacramento Convention Center September 28, 2016 INTRODUCTION Welcome Presenters Background Carl Salmonsen,

More information

DIACAP and the GIG IA Architecture. 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) (C)

DIACAP and the GIG IA Architecture. 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) (C) DIACAP and the GIG IA Architecture 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) 210-9252417 (C) 210-396-0254 jwierum@cygnacom.com OMB Circular A-130 (1996) OMB A-130 required systems and applications

More information

Strategies for Implementing Large-Scale ERM

Strategies for Implementing Large-Scale ERM Strategies for Implementing Large-Scale ERM Kris Stenson ORMS Administrator Oregon State Archives Brice Sample Records Manager State of Michigan Position in Government Under Secretary of State Archivist

More information

Integrated Consortium of Laboratory Networks (ICLN)

Integrated Consortium of Laboratory Networks (ICLN) Integrated Consortium of Laboratory Networks (ICLN) Dr. S. Randolph Long Deputy Director Chem Bio Division, DHS S&T Directorate FERN National Training Conference June 2009 1 Outline ICLN Organization Steps

More information

Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview

Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview Kristen Baldwin Principal Deputy, Office of the Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) 17

More information

ISO TC46/SC11 Archives/records management

ISO TC46/SC11 Archives/records management ISO TC46/SC11 Archives/records management GUIDANCE FOR IMPLEMENTING DOCUMENTED INFORMATION CLAUSE USING PROCESSES AND CONTROLS OF ISO 30301:2011 Management system for records EXPLANATORY PAPER NOVEMBER

More information

Summary of PIC/S Guidance Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments

Summary of PIC/S Guidance Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments www.rx-360.org Summary of PIC/S Guidance Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments Draft Published August 2016 This summary was prepared by the Rx-360 Monitoring

More information

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Signature Repository A Signature Repository provides a group of signatures for use by network security tools such

More information

DEFINITIONS AND REFERENCES

DEFINITIONS AND REFERENCES DEFINITIONS AND REFERENCES Definitions: Insider. Cleared contractor personnel with authorized access to any Government or contractor resource, including personnel, facilities, information, equipment, networks,

More information

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017 UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017 I. Introduction Institutional information, research data, and information technology (IT) resources are critical assets

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Network Mapping The Network Mapping helps visualize the network and understand relationships and connectivity between

More information

Joint Federated Assurance Center (JFAC): 2018 Update. What Is the JFAC?

Joint Federated Assurance Center (JFAC): 2018 Update. What Is the JFAC? 21 st Annual National Defense Industrial Association Systems and Mission Engineering Conference Joint Federated Assurance Center (JFAC): 2018 Update Thomas Hurt Office of the Under Secretary of Defense

More information

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not

More information

Assessing the impacts of Amended Toxic Substances Control Act (TSCA) to the DoD Mission and the Defense Industrial Base (DIB)

Assessing the impacts of Amended Toxic Substances Control Act (TSCA) to the DoD Mission and the Defense Industrial Base (DIB) One team, one voice delivering global acquisition insight that matters. Assessing the impacts of Amended Toxic Substances Control Act (TSCA) to the DoD Mission and the Defense Industrial Base (DIB) DIB

More information

TEL2813/IS2820 Security Management

TEL2813/IS2820 Security Management TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management

More information

Revitalizing Education and Training in Systems Engineering

Revitalizing Education and Training in Systems Engineering Revitalizing Education and Training in Systems Engineering Don S. Gelosh, PhD Sr. Systems Engineer Office of Deputy Director for Enterprise Development Systems and Software Engineering Office of the Deputy

More information

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017 UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017 I. Introduction Institutional information, research data, and information technology (IT) resources are critical assets

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Risk Monitoring Risk Monitoring assesses the effectiveness of the risk decisions that are made by the Enterprise.

More information

ISO INTERNATIONAL STANDARD. Information and documentation Records management Part 1: General

ISO INTERNATIONAL STANDARD. Information and documentation Records management Part 1: General Provläsningsexemplar / Preview INTERNATIONAL STANDARD ISO 15489-1 First edition 2001-09-15 Information and documentation Records management Part 1: General Information et documentation «Records management»

More information

OSD Product Support BCA Guidebook. Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011

OSD Product Support BCA Guidebook. Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011 OSD Product Support BCA Guidebook Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011 Joseph.murphy@osd.mil Introduction Product Support BCA Guidebook Draft document Final review

More information

U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk

U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk U.S. FLEET CYBER COMMAND U.S. TENTH FLEET Managing Cybersecurity Risk Neal Miller, Navy Authorizing Official December 13, 2016 UNCLASSIFIED 1 Some Inconvenient Truths The bad guys and gals still only work

More information

Records Management Standard for the New Zealand Public Sector: requirements mapping document

Records Management Standard for the New Zealand Public Sector: requirements mapping document Records Management Standard for the New Zealand Public Sector: requirements mapping document Introduction This document maps the requirements in the new Records Management Standard to the requirements

More information

CYBER SECURITY BRIEF. Presented By: Curt Parkinson DCMA

CYBER SECURITY BRIEF. Presented By: Curt Parkinson DCMA CYBER SECURITY BRIEF Presented By: Curt Parkinson DCMA September 20, 2017 Agenda 2 DFARS 239.71 Updates Cybersecurity Contracting DFARS Clause 252.204-7001 DFARS Clause 252.239-7012 DFARS Clause 252.239-7010

More information

Program Protection Implementation Considerations

Program Protection Implementation Considerations Program Protection Implementation Considerations Melinda Reed Deputy Director for Program Protection Office of the Deputy Assistant Secretary of Defense for Systems Engineering NDIA Program Protection

More information

Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities

Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities Melinda Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering

More information

Systems Engineering: MITRE & SERC D r. J. P r o v i d a k e s D i r e c t o r, S E Te c h C e n t e r

Systems Engineering: MITRE & SERC D r. J. P r o v i d a k e s D i r e c t o r, S E Te c h C e n t e r Systems Engineering: MITRE & SERC D r. J. P r o v i d a k e s D i r e c t o r, S E Te c h C e n t e r The SERC-MITRE Doctoral Fellows Program collaboration presents the unique opportunity to transition

More information

Forensics and Biometrics Enterprise Reference Architecture (FBEA)

Forensics and Biometrics Enterprise Reference Architecture (FBEA) Forensics and Biometrics Enterprise Reference (FBEA) Overview and Summary Information (AV-1) Final Draft Version 2.6 Aug 2016 Version History Version# Date Page(s) Changed Change Description 1.0 Feb 2016

More information

Service Management. What an Acquisition Practitioner Needs to Know. Karen Gomez Defense Information Systems Agency Mission Support Division

Service Management. What an Acquisition Practitioner Needs to Know. Karen Gomez Defense Information Systems Agency Mission Support Division Service Management DAU Symposium April 4, 2017 What an Acquisition Practitioner Needs to Know Karen Gomez Defense Information Systems Agency Mission Support Division 1 Topics DESMF The DESMF Realized Service

More information

DOD Medical Device Cybersecurity Considerations

DOD Medical Device Cybersecurity Considerations Enedina Guerrero, Acting Chief, Incident Mgmt. Section, Cyber Security Ops Branch 2015 Defense Health Information Technology Symposium DOD Medical Device Cybersecurity Considerations 1 DHA Vision A joint,

More information

Security Management Models And Practices Feb 5, 2008

Security Management Models And Practices Feb 5, 2008 TEL2813/IS2820 Security Management Security Management Models And Practices Feb 5, 2008 Objectives Overview basic standards and best practices Overview of ISO 17799 Overview of NIST SP documents related

More information

The Systems Engineering Tool Box

The Systems Engineering Tool Box The Systems Engineering Tool Box Dr Stuart Burge Give us the tools and we will finish the job Winston Churchill Stakeholder Influence Map (SIM) What is it and what does it do? A Stakeholder Influence Map

More information

Breakout Session. James Martin Kevin Kreitman Jeff Diehl Scott Bernard

Breakout Session. James Martin Kevin Kreitman Jeff Diehl Scott Bernard Breakout Session Exploring the Differences between Enterprise and System s A Look at the Different Methods, Tools, and Techniques James Martin Kevin Kreitman Jeff Diehl Scott Bernard Slide 1 Abstract Point:

More information

TRICARE Operations Manual M, April 1, 2015 Records Management (RM) Chapter 9 Section 1

TRICARE Operations Manual M, April 1, 2015 Records Management (RM) Chapter 9 Section 1 Records Management (RM) Chapter 9 Section 1 Revision: 1.0 POLICY 1.1 This chapter implements the Department of Defense (DoD) Records Management (RM) Policy and Defense Health Agency (DHA) Records Retention

More information

ISA 201 Intermediate Information Systems Acquisition

ISA 201 Intermediate Information Systems Acquisition ISA 201 Intermediate Information Systems Acquisition 1 Lesson 8 (Part A) 2 Learning Objectives Today we will learn to: Overall: Apply cybersecurity analysis throughout acquisition lifecycle phases. Analyze

More information

Global Security Advisor

Global Security Advisor Global Security Advisor Location: [North America] [United States] Category: Security *Preferred location: USA. Other locations will be considered globally where WVI is registered to operate. PURPOSE OF

More information

Streamlined FISMA Compliance For Hosted Information Systems

Streamlined FISMA Compliance For Hosted Information Systems Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and

More information

New Guidance on Privacy Controls for the Federal Government

New Guidance on Privacy Controls for the Federal Government New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,

More information

Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event

Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event Test Resource Management Center Directed Energy T&E Conference A Joint DEPS ITEA Event Mr. George Rumford Deputy Director Major Initiatives and Technical Analyses Test Resource Management Center January

More information

Systems Security Engineering: A Framework to Protect Hardware Down to the Last Tactical Inch

Systems Security Engineering: A Framework to Protect Hardware Down to the Last Tactical Inch Institute for Defense Analyses 4850 Mark Center Drive Alexandria, Virginia 22311-1882 Systems Security Engineering: A Framework to Protect Hardware Down to the Last Tactical Inch Brian Cohen, bcohen@ida.org

More information

OSD Product Support BCA Guidebook. Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011

OSD Product Support BCA Guidebook. Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011 OSD Product Support BCA Guidebook Joseph Colt Murphy Senior Financial Analyst ODASD Materiel Readiness 9 May 2011 Joseph.murphy@osd.mil Report Documentation Page Form Approved OMB No. 0704-0188 Public

More information

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Charting the Course... Certified Information Systems Auditor (CISA) Course Summary Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business

More information

Cybersecurity in Acquisition

Cybersecurity in Acquisition Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must

More information

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

UNCLASSIFIED. FY 2016 Base FY 2016 OCO Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense : February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development

More information

National Cyber Security Strategy (NCS) Toolkit

National Cyber Security Strategy (NCS) Toolkit National Cyber Security Strategy (NCS) Toolkit Let s create a toolkit to help states to develop or improve their national cyber security strategies Examples of Topics To Be Addressed The role, objectives

More information

Cybersecurity & Privacy Enhancements

Cybersecurity & Privacy Enhancements Business, Industry and Government Cybersecurity & Privacy Enhancements John Lainhart, Director, Grant Thornton The National Institute of Standards and Technology (NIST) is in the process of updating their

More information

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency Mr. Ed Brindley Acting Deputy Cyber Security Department of Defense 7 March 2018 SUPPORT THE WARFIGHTER 2 Overview Secretary Mattis Priorities

More information

EXAM PREPARATION GUIDE

EXAM PREPARATION GUIDE When Recognition Matters EXAM PREPARATION GUIDE PECB Certified OHSAS 18001 Lead Auditor www.pecb.com The objective of the PECB Certified OHSAS 18001 Lead Auditor examination is to ensure that the candidate

More information

STUDENT GUIDE Risk Management Framework Step 1: Categorization of the Information System

STUDENT GUIDE Risk Management Framework Step 1: Categorization of the Information System Slide 1 RMF Overview RMF Module 1 RMF takes into account the organization as a whole, including strategic goals and objectives and relationships between mission/business processes, the supporting information

More information

Antiterrorism / Force Protection (AT/FP) Assessment Tool Training. Module 1: Policy Drivers for MARMS & AT/FP Assessments

Antiterrorism / Force Protection (AT/FP) Assessment Tool Training. Module 1: Policy Drivers for MARMS & AT/FP Assessments Antiterrorism / Force Protection (AT/FP) Assessment Tool Training Module 1: Policy Drivers for MARMS & AT/FP Assessments Supporting Joint Staff J33 via US Army Armament, Research, Development and Engineering

More information

THE POWER OF TECH-SAVVY BOARDS:

THE POWER OF TECH-SAVVY BOARDS: THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES

More information

DFARS Defense Industrial Base Compliance Information

DFARS Defense Industrial Base Compliance Information DFARS 252.204-7012 Defense Industrial Base Compliance Information Protecting Controlled Unclassified Information (CUI) Executive Order 13556 "Controlled Unclassified Information, November 2010 Established

More information

Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment

Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment 26 January 2017 Presented by: Mr. Chad Miller NAVAIR Cyber T&E What: Replicate Cyber Battlespace

More information

ManTech Advanced Systems International 2017 Security Training Schedule

ManTech Advanced Systems International 2017 Security Training Schedule ManTech Advanced Systems International 2017 Security Training Schedule Risk Management Framework Course Course Dates Course Location Course Cost October 16 19, 2017 Joint Base Anacostia-Bolling, Washington,

More information

Organizing Your Electronic Folders. Document Naming. Organizing Electronic Documents. Disposition of Electronic Documents. Sample Directory Tree 1

Organizing Your Electronic Folders. Document Naming. Organizing Electronic Documents. Disposition of Electronic Documents. Sample Directory Tree 1 Organizing Your Electronic Folders Electronic documents are the files stored on your computer and shared drives, such as word processing documents, spreadsheets and digital photographs. Document Naming

More information

The Trail of Electrons

The Trail of Electrons E-Records E-Mail E-Discovery The Trail of Electrons ML Taylor, C.P.M. February 2013 January 2013 ML Taylor, C.P.M. 1 Objectives 1. Raise awareness of the issues surrounding the use of email and electronic

More information

Information technology Governance of IT Governance of data. Part 1: Application of ISO/IEC to the governance of data

Information technology Governance of IT Governance of data. Part 1: Application of ISO/IEC to the governance of data INTERNATIONAL STANDARD ISO/IEC 38505-1 First edition 2017-04 Information technology Governance of IT Governance of data Part 1: Application of ISO/IEC 38500 to the governance of data Technologies de l

More information

Data Management and Sharing Plan

Data Management and Sharing Plan 1. PURPOSE: Data generated as a result of the response, or germane to the mitigation of the incident, are used to generate a Common Operating Picture (COP) display and provide information for the Situation

More information

BY ORDER OF THE ELECTRONIC SYSTEMS CENTER/ ESC/ENI INSTRUCTION ENGINEERING INTEGRATION (ESC/ENI) CHIEF Date: 8 August, 2011

BY ORDER OF THE ELECTRONIC SYSTEMS CENTER/ ESC/ENI INSTRUCTION ENGINEERING INTEGRATION (ESC/ENI) CHIEF Date: 8 August, 2011 BY ORDER OF THE ELECTRONIC SYSTEMS CENTER/ ESC/ENI INSTRUCTION 99-103 ENGINEERING INTEGRATION (ESC/ENI) CHIEF Date: 8 August, 2011 Test and Evaluation CAPABILITIES-BASED TEST AND EVALUATION COMPLIANCE

More information

SC27 WG4 Mission. Security controls and services

SC27 WG4 Mission. Security controls and services copyright ISO/IEC JTC 1/SC 27, 2012. This is an SC27 public document and is distributed as is for the sole purpose of awareness and promotion of SC 27 standards and so the text is not to be used for commercial

More information

Integrated Consortium of Laboratory Networks (ICLN) Brief to the NPDN National Meeting

Integrated Consortium of Laboratory Networks (ICLN) Brief to the NPDN National Meeting Integrated Consortium of Laboratory Networks (ICLN) Brief to the NPDN National Meeting January 30, 2007 1 Agenda ICLN Background Information Network Coordinating Group Accomplishments Responsible Federal

More information

Space and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP)

Space and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP) Space and Naval Warfare Systems Center Atlantic Information Warfare Research Project (IWRP) SSC Atlantic is part of the Naval Research & Development Establishment (NR&DE) Information Warfare Research Project

More information

Cyber T&E Standards Panel

Cyber T&E Standards Panel Cyber T&E Standards Panel Why Cyber T&E Standards? Mr. George Wauer, Touchstone POCs, LLc Test and Training Enabling Architecture (TENA) Mr. Gene Hudgins, TRMC Cyber Range Environment VV&A Mr. Ryan Kelly,

More information

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities

More information

Terms in the glossary are listed alphabetically. Words highlighted in bold are defined in the Glossary.

Terms in the glossary are listed alphabetically. Words highlighted in bold are defined in the Glossary. Glossary 2010 The Records Management glossary is a list of standard records terms used throughout CINA s guidance and training. These terms and definitions will help you to understand and get the most

More information

EDRMS Document Migration Guideline

EDRMS Document Migration Guideline Title EDRMS Document Migration Guideline Creation Date 23 December 2016 Version 3.0 Last Revised 28 March 2018 Approved by Records Manager and IT&S Business Partner Approval date 28 March 2018 TABLE OF

More information

U.S. Air Force. Digital Engineering Applications to Developmental Test & Evaluation. Dr. Ed Kraft. October 24, 2016

U.S. Air Force. Digital Engineering Applications to Developmental Test & Evaluation. Dr. Ed Kraft. October 24, 2016 U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e Digital Engineering Applications to Developmental Test & Evaluation Dr. Ed Kraft October 24, 2016 NDIA 19 th Annual Systems Engineering

More information

Department of Defense MANUAL

Department of Defense MANUAL Department of Defense MANUAL NUMBER 3305.09 May 27, 2014 Incorporating Change 1, Effective April 9, 2018 USD(I) SUBJECT: Cryptologic Accreditation and Certification References: See Enclosure 1 1. PURPOSE.

More information

The Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft

The Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft The Project Charter Project Title: VDI Data Center Design and Build Project Sponsor: South Alberta Data Centers Inc. (SADC Inc.) Project Customer: The City of Calgary Project Manager: Moe Yousof Document

More information

MICROSOFT SQL SERVER 2016 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW. Version 1, Release March 2018

MICROSOFT SQL SERVER 2016 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW. Version 1, Release March 2018 MICROSOFT SQL SERVER 2016 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW Version 1, Release 1 09 March 2018 Developed by Microsoft and for the DoD Trademark Information Names, products, and services

More information

OFFICE OF THE UNDER SECRETARY OF DEFENSE 3000DEFENSEPENTAGON WASHINGTON, DC

OFFICE OF THE UNDER SECRETARY OF DEFENSE 3000DEFENSEPENTAGON WASHINGTON, DC OFFICE OF THE UNDER SECRETARY OF DEFENSE 3000DEFENSEPENTAGON WASHINGTON, DC 20301-3000 ACQUISITION, TECHNO LOGY. A N D LOGISTICS SEP 2 1 2017 MEMORANDUM FOR COMMANDER, UNITED ST A TES SPECIAL OPERATIONS

More information

Manchester Metropolitan University Information Security Strategy

Manchester Metropolitan University Information Security Strategy Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History

More information

DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018

DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018 DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018 A. OVERRIDING OBJECTIVE 1.1 This Directive establishes the framework for information management of the Asian Infrastructure Investment

More information

INFORMATION ASSURANCE DIRECTORATE

INFORMATION ASSURANCE DIRECTORATE National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Deployment Deployment is the phase of the system development lifecycle in which solutions are placed into use to

More information

Southington Public Schools

Southington Public Schools 3543 POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION I.POLICY The Board of Education (the Board ) complies with all state and federal regulations regarding the retention, storage and destruction

More information

A Supply Chain Attack Framework to Support Department of Defense Supply Chain Security Risk Management

A Supply Chain Attack Framework to Support Department of Defense Supply Chain Security Risk Management A Supply Chain Attack Framework to Support Department of Defense Supply Chain Security Risk Management D r. J o h n F. M i l l e r T h e M I T R E C o r p o r a t i o n P e t e r D. K e r t z n e r T h

More information

Re-Forming the DoD Acquisition Process. A Systems Engineering Approach

Re-Forming the DoD Acquisition Process. A Systems Engineering Approach Re-Forming the DoD Acquisition Process A Systems Engineering Approach MR. STEVE WARD MR. CHRIS PERKINS DEPARTMENT OF THE AIR FORCE AERONAUTICAL SYSTEMS CENTER WRIGHT-PATTERSON AFB, OH 22 OCT 2007 DISCLAIMER

More information

Information Systems and Tech (IST)

Information Systems and Tech (IST) Information Systems and Tech (IST) 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey of

More information

Solutions Technology, Inc. (STI) Corporate Capability Brief

Solutions Technology, Inc. (STI) Corporate Capability Brief Solutions Technology, Inc. (STI) Corporate Capability Brief STI CORPORATE OVERVIEW Located in the metropolitan area of Washington, District of Columbia (D.C.), Solutions Technology Inc. (STI), women owned

More information

DoD Software Assurance Initiative. Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS

DoD Software Assurance Initiative. Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS DoD Software Assurance Initiative Mitchell Komaroff, OASD (NII)/DCIO Kristen Baldwin, OUSD(AT&L)/DS Agenda Background Software Assurance Definition Guiding Principles for SwA DoD SwA Strategy Elements»

More information

Concept of Operations Discussion Summary

Concept of Operations Discussion Summary TSPG Common Dataset Standard Concept of Operations Discussion Summary Tony DalSasso 677 AESG/EN 15 May 2007 1 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection

More information